These are notes for the podcast recording.
podcast - #セキュリティのアレ - A laid-back security podcast.
Incidents and Accidents
An outage occurred on Azure, also affecting M365 and other services
(10/29) Azure status history | Microsoft Azure
Between 15:45 UTC on 29 October and 00:05 UTC on 30 October 2025, customers and Microsoft services leveraging Azure Front Door (AFD) may have experienced latencies, timeouts, and errors.
Affected Azure services include, but are not limited to: App Service, Azure Active Directory B2C, Azure Communication Services, Azure Databricks, Azure Healthcare APIs, Azure Maps, Azure Portal, Azure SQL Database, Azure Virtual Desktop, Container Registry, Media Services, Microsoft Copilot for Security, Microsoft Defender External Attack Surface Management, Microsoft Entra ID (Mobility Management Policy Service, Identity & Access Management, and User Management UX), Microsoft Purview, Microsoft Sentinel (Threat Intelligence), and Video Indexer.
(10/29) Microsoft: DNS outage impacts Azure and Microsoft 365 services
We’re investigating an issue impacting several Azure services. Customers may experience issues when accessing services. Updates are provided via the Azure status: https://t.co/GIfq5mC5Eb
— Azure Support (@AzureSupport) October 29, 2025
Microsoft 365 services are experiencing downstream impact related to the ongoing Azure outage. Additional updates can be found on the @AzureSupport outage page: https://t.co/U4YACRcMAn. https://t.co/7T3bkBQEk5
— Microsoft 365 Status (@MSFT365Status) October 29, 2025
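Attacks and Threats
JPCERT/CC reports on the activity of the attack group APT-C-60
(10/27) Update on attacks by the attack group APT-C-60 - JPCERT/CC Eyes | JPCERT Coordination Center official blog
JPCERT/CC warns of the tampering risk for web applications configured with known or weak secrets
(10/29) Tampering risk for web applications configured with known or weak secrets
Sophos reports on attack activity by the threat group BRONZE BUTLER exploiting a LANSCOPE vulnerability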
(10/30) BRONZE BUTLER exploits Japanese asset management software vulnerability – Sophos News
In mid-2025, Counter Threat Unit™ (CTU) researchers observed a sophisticated BRONZE BUTLER campaign that exploited a zero-day vulnerability in Motex LANSCOPE Endpoint Manager to steal confidential information. The Chinese state-sponsored BRONZE BUTLER threat group (also known as Tick) has been active since 2010 and previously exploited a zero-day vulnerability in Japanese asset management product SKYSEA Client View in 2016. JPCERT/CC published a notice about the LANSCOPE issue on October 22, 2025.
Australia's ACSC warns of BADCANDY malware attack activity targeting a Cisco IOS XE vulnerability
Vulnerabilities
CISA adds 2+2 vulnerabilities to the Known Exploited Vulnerabilities (KEV) catalog
(10/28) CISA Adds Two Known Exploited Vulnerabilities to Catalog | CISA
- CVE-2025-6204 Dassault Systèmes DELMIA Apriso Code Injection Vulnerability
- CVE-2025-6205 Dassault Systèmes DELMIA Apriso Missing Authorization Vulnerability
(10/30) CISA Adds Two Known Exploited Vulnerabilities to Catalog | CISA
- CVE-2025-24893 XWiki Platform Eval Injection Vulnerability
- CVE-2025-41244 Broadcom VMware Aria Operations and VMware Tools Privilege Defined with Unsafe Actions Vulnerability
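Other
X asks users to re-enroll their security keys by 11/10
(10/28) X asks users to re-enroll two-factor authentication (2FA) by November 10, "due to the retirement of the Twitter domain" - ITmedia NEWS
(10/31) X's security key re-enrollment request: what does it mean, and how should you respond? | Mynavi News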
To clarify: this change is not related to any security concern, and only impacts Yubikeys and passkeys - not other 2FA methods (such as authenticator apps). Security keys enrolled as a 2FA method are currently tied to the twitter[.]com domain. Re-enrolling your security key will… https://t.co/PlXOTnNXPM
— Safety (@Safety) October 26, 2025